module.exports = function (req, res, next) {
    res.header('Access-Control-Allow-Origin', '*'); //允许的源, *表示所有
    res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE'); //允许的请求方法
    res.header('Access-Control-Allow-Headers', 'Content-Type'); //要求后续请求必须要附带的请求头
    res.header('Access-Control-Allow-Credentials', 'true'); //是否允许跨域传递cookie
    next();
};